This course is the first in the ScreenOS curriculum. It is a three-day, instructor-led course that focuses on configuration of the ScreenOS firewall/virtual private network (VPN) products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, attack prevention features, address translation, and VPN implementations. This course is based on ScreenOS version 6.2.

Target Audience

This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks firewall products.

Configure the ScreenOS firewall to permit and deny traffic based on user defined policies.

Configure advanced policy options.

Identify and configure network designs for various types of network address translation.

Configure policy-based and route-based VPN tunnels.

Course Outline

Day 1

Chapter 1: Course Introduction

Chapter 2: ScreenOS Concepts, Terminology, and Platforms

Security Device Requirements

ScreenOS Security Architecture

Juniper Networks Platforms

Chapter 3: Initial Connectivity

System Components

Establishing Connectivity

Verifying Connectivity

Lab 1: Initial Configuration

Chapter 4: Device Management

Management

Recovery

Lab 2: Device Administration

Day 2

Chapter 5: Layer 3 Operations

Need for Routing

Configuring Layer 3

Verifying Layer 3

Loopback Interface

Interface-Based NAT

Lab 3: Layer 3 Operations

Chapter 6: Basic Policy Configuration

Functionality

Policy Configuration

Common Problems

Global Policy

Verifying Policies

Lab 4: Basic Policy Configuration

Chapter 7: Policy Options

Overview

Logging

Counting

Scheduling

User Authentication

Lab 5: Policy Options

Chapter 8: Address Translation

Scenarios

NAT-src

NAT-dst

VIP Addresses

MIP Addresses

Lab 6: Address Translation

Day 3

Chapter 9: VPN Concepts

Concepts and Terminology

IP Security

Chapter 10: Policy-Based VPNs

Configuration

Verifying Operations

Lab 7: Policy-Based VPNs

Chapter 11: Route-Based VPNs

Concepts and Terminology

Configuring VPNs

Verifying Operations

Lab 8: Route-Based VPNs

Chapter 12: IPv6

IPv6 Concepts

Configuration

Verifying IPv6 Operations

Lab 9: IPv6

Appendix A: Additional Features

Hardware

Appendix B: Transparent Mode

Description

Configuration

Verifying Operations

Lab 10: Transparent Mode (Optional)

EquiTrain –a pision of Equinox International- equips organizations with IT skills that are the lifeblood of modern corporate life, as Theyll as the professional expertise required for ensuring productivity and to remain competitive now and tomorrow.

At EquiTrain, They tailor end-to-end training solutions that incorporate both IT and business consultancy to the specific needs of each inpidual customer. They can equip yTheir IT professionals with all they need to quickly maximize yTheir new technology investments as Theyll as pushing forward absolute beginners on their road to IT proficiency.

They offer a broad range of IT and Management training cTheirses and certifications from top technology vendors with a choice of on-site or offsite, public or closed and local or abroad training. Their portfolio of cTheirses is supplemented by Their strategic training alliance with world's leading providers of learning solutions.